ESET GATEWAY SECURITY Installation Manual

ESET Gateway Security
Installation Manual
and User Guide

Summary of Contents for ESET GATEWAY SECURITY

  • Page 1 ESET Gateway Security Installation Manual and User Guide...
  • Page 2: Table Of Contents

    5.4.2. Partial scan technique ... 20
    5.5. ESETS plug-in filter for SafeSquid Proxy Cache ... 21
    5.5.1. Operation principle ... 21
    5.5.2. Installation and configuration ... 21
    6. Important ESET Gateway Security mechanisms ... 23
    6.1. Handle Object Policy ... 24
    6.2. User Specific Configuration ... 24
    6.3. Black-list and white-list ... 25
    6.4.
  • Page 3: Introduction

    Chapter 1: Introduction...
  • Page 4 Dear user, you have acquired ESET Gateway Security - the premier security system running under the Linux/BSD/Solaris OS. As you will soon find, the system uses the state-of-the-art ESET scanning engine, which has unsurpassed scanning speed and detection rates, combined with a very small footprint that makes it the ideal choice for any Linux/BSD/Solaris OS server.
  • Page 5: Terminology And Abbreviations

    Chapter 2: Terminology and abbreviations...
  • Page 6 ESETS ESET Security is the standard acronym for all security products developed by ESET, spol. s r.o. for Linux, BSD and Solaris operating systems. It is also the name (or its part) of the software package containing the products.
  • Page 7 ESETS binary files directory The directory where the relevant ESET File Security binary files are stored. The abbreviation @BINDIR@ will be used for future references to this directory. The @BINDIR@ value for the following Operating Systems is listed below:...
  • Page 9: Installation

    Chapter 3: Installation...
  • Page 10 This data is necessary for both identifying you as our customer and allowing you to download updates for ESET Gateway Security. The username/password data is also required for downloading the initial installation package from our web site. ESET Gateway Security is distributed as a binary file: esets.i386.ext.bin...
  • Page 11: Architecture Overview

    Chapter 4: Architecture Overview...
  • Page 12 The structure of ESET Gateway Security is shown in Figure 4-1. The system is comprised of the following parts: CORE The Core of ESET Gateway Security is the ESETS daemon (esets_daemon). The daemon uses ESETS API library libesets.so and ESETS loading modules em00X_xx.dat to provide base system tasks such as scanning, maintenance of the agent daemon processes, maintenance of the samples submission system, logging, notification, etc. Please refer to the esets_daemon (8) man...
  • Page 13: Product's Roadmap

    @ETCDIR@/esets.cfg This is the most important configuration file, as it controls all major aspects of the product's functionality. The esets.cfg file is made up of several sections, each of which contains various parameters. The file contains one global and several "agent" sections, with all section names enclosed in square brackets.
  • Page 15: Integration With Internet Gateway Services

    Chapter 5: Integration with Internet Gateway services...
  • Page 16: Transparent Http/Ftp Proxy Configuration

    ESET Gateway Security protects the organization’s HTTP and FTP services against viruses, worms, trojans, spyware, phishing and other internet threats. The term 'Gateway Server' refers to layer 3, or 'router' level of the ISO/OSI model. In this chapter we review the process of ESET Gateway Security integration with various services.
  • Page 17: Manual Http/Ftp Proxy Configuration

    The manual HTTP/FTP proxy configuration of esets_http with Mozilla Firefox is illustrated by the left hand side of Figure 5-2. This configuration allows ESET Gateway Security to be installed anywhere within the local network, including the gateway server and the user agent’s computer.
  • Page 18: Manual Proxy Configuration Of Squid Web Proxy Cache

    The remaining lines are used to configure error message reporting in the event that the parent proxy is down or becomes unreachable. To configure Squid to attempt direct connections when the parent proxy is unreachable, add the following parameters to the Squid configuration file: ...
  • Page 19: Internet Content Adaptation Configuration

    ICAP client and pass the ICAP request for the message adaptation to ESET Gateway Security, namely to a generic ESETS ICAP server - esets_icap. The module provides scanning of the encapsulated message body for infiltration. Based on the scanning result, it then provides an appropriate ICAP response which is sent back to the ICAP client, or to the Proxy Cache, for further delivery.
  • Page 20: Large Http Objects Handling

    This is because some parts of the already transferred data can contain executable, dangerous code. For this reason, ESET developed a modified version of the ‘deferred scan’ technique, known as the ‘partial scan’ technique.
  • Page 21: Esets Plug-In Filter For Safesquid Proxy Cache

    Configure until you find ESET Gateway Security. Click Submit and create the antivirus profile for the ESET Gateway Security section by clicking the Add button at the bottom. Define the below parameters within the list that appears and click Submit. Remember to save the Safesquid...
  • Page 22 Logon to the SafeSquid Web Administration Interface. Select the Config menu from the main interface page and browse Select a Section to Configure until you find ESET Gateway Security. Next, edit the newly created antivirus profile by clicking Edit at the bottom of the ESET Gateway Security section.
  • Page 23: Important Eset Gateway Security Mechanisms

    Chapter 6: Important ESET Gateway Security mechanisms...
  • Page 24: Handle Object Policy

    In this example, the esets_http module is used to control HTTP traffic on port 8080 of the gateway server, with a local network IP address of 192.168.1.10. The functionality of esets_http is based on the [http] section of the ESETS configuration file. See the following lines: ...
  • Page 25: Blacklist And Whitelist

    In the example above, 'aaa.bbb.ccc.ddd' is the IP address of the server added to the 'black-list'. All HTTP traffic related to the specified server will now be rejected, i.e. the server will be blocked.
  • Page 26: Samples Submission System

    All virus samples collected by the sample submission system will be processed by the ESET virus laboratory and if necessary, added to the ESET virus signature database.
  • Page 27: Remote Administration

    6.6 Remote Administration ESETS supports ESET Remote Administration for file security management in large computer networks. For more information, please read the ESET Remote Administrator Manual. This manual is located on our web site, here: http://download.eset.com/manuals/ESET_ERA_User_Guide_EN.pdf The ESETS Remote Administration Client is part of the main ESETS daemon. For basic set up, specify the address of your ERA Server using the 'racl_server_addr' parameter in the [global]...
  • Page 29: Eset Security System Update

    Chapter 7: ESET Security system update...
  • Page 30: Esets Update Utility

    The second stage of the update process is the compilation of modules loadable by the ESET Mail Security scanner from those stored in the local mirror. Typically, the following ESETS loading modules are created: loader module (em000.dat), scanner module (em001.dat), virus signature...
  • Page 31: Let Us Know

    Chapter 8: Let us know...
  • Page 32: Eset Gateway Security

    Dear user, we hope this Guide has provided you with a thorough understanding of the requirements for ESET Gateway Security installation, configuration and maintenance. However, our goal is to continually improve the quality and effectiveness of our documentation. If you...
  • Page 33: Esets Setup Process Description

    Appendix A. ESETS setup process description...
  • Page 34: Setting Esets For Scanning Of Http Communication - Transparent Mode

    Restart the ESETS daemon. Then, redirect all FTP requests to esets_ftp. If IP-filtering is being performed by the ipchains administration tool, an appropriate rule would be: ipchains -A INPUT -p tcp -i if0 --dport 21 \ -j REDIRECT 2121 ...
  • Page 35: Setting Esets For Scanning Of Icap Encapsulated Http Messages

    If IP-filtering is being performed by the iptables administration tool, the rule is: iptables -t nat -A PREROUTING -p tcp -i if0 \ --dport 21 -j REDIRECT --to-ports 2121 On FreeBSD, the rule is: ipfw add fwd 192.168.1.10,2121 tcp \ from any to any 21 via if0 in On NetBSD and Solaris, the rule is: echo 'rdr if0 0.0.0.0/0 port 21 ->...
  • Page 37: Appendix A. Php License

    Appendix B. PHP License...
  • Page 38 PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
